Effective Memory Diversification in Legacy Systems

Jang, Daehee; Yun, Heesun

doi:10.32985/ijeces.14.3.10

International journal of electrical and computer engineering systems, Vol. 14 No. 3, 2023.

Izvorni znanstveni članak

https://doi.org/10.32985/ijeces.14.3.10

Effective Memory Diversification in Legacy Systems

Daehee Jang ; Sungshin Women’s University Department of Convergence Security Engineering 02844, Seoul, South Korea
Heesun Yun ; Sungshin Women’s University Department of Convergence Security Engineering 02844, Seoul, South Korea

Puni tekst: engleski pdf 3.580 Kb

str. 321-331

preuzimanja: 108

citiraj

APA 6th Edition

Jang, D. i Yun, H. (2023). Effective Memory Diversification in Legacy Systems. International journal of electrical and computer engineering systems, 14 (3), 321-331. https://doi.org/10.32985/ijeces.14.3.10

MLA 8th Edition

Jang, Daehee i Heesun Yun. "Effective Memory Diversification in Legacy Systems." International journal of electrical and computer engineering systems, vol. 14, br. 3, 2023, str. 321-331. https://doi.org/10.32985/ijeces.14.3.10. Citirano 06.05.2024.

Chicago 17th Edition

Jang, Daehee i Heesun Yun. "Effective Memory Diversification in Legacy Systems." International journal of electrical and computer engineering systems 14, br. 3 (2023): 321-331. https://doi.org/10.32985/ijeces.14.3.10

Harvard

Jang, D., i Yun, H. (2023). 'Effective Memory Diversification in Legacy Systems', International journal of electrical and computer engineering systems, 14(3), str. 321-331. https://doi.org/10.32985/ijeces.14.3.10

Vancouver

Jang D, Yun H. Effective Memory Diversification in Legacy Systems. International journal of electrical and computer engineering systems [Internet]. 2023 [pristupljeno 06.05.2024.];14(3):321-331. https://doi.org/10.32985/ijeces.14.3.10

IEEE

D. Jang i H. Yun, "Effective Memory Diversification in Legacy Systems", International journal of electrical and computer engineering systems, vol.14, br. 3, str. 321-331, 2023. [Online]. https://doi.org/10.32985/ijeces.14.3.10

Sažetak

Memory corruption error is one of the critical security attack vectors against a wide range of software. Addressing this problem, modern compilers provide multiple features to fortify the software against such errors. However, applying compiler-based memory defense is problematic in legacy systems we often encounter in industry or military environments because source codes are unavailable. In this study, we propose memory diversification techniques tailored for legacy binaries to which we cannot apply state-of- the-art compiler-based solutions. The basic idea of our approach is to automatically patch the machine code instructions of each legacy system differently (e.g., a drone, or a vehicle firmware) without altering any semantic behavior of the software logic. As a result of our system, attackers must create a specific attack payload for each target by analyzing the particular firmware, thus significantly increasing exploit development time and cost. Our approach is evaluated by applying it to a stack and heap of multiple binaries, including PX4 drone firmware and other Linux utilities.

Ključne riječi

Legacy System; Diversification; Memory Layout Randomization; UAV Firmware;

Hrčak ID:

296702

URI

https://hrcak.srce.hr/296702

Datum izdavanja:

28.3.2023.

Posjeta: 307 *

Prijava i registracija

International journal of electrical and computer engineering systems, Vol. 14 No. 3, 2023.

Sažetak

Ključne riječi

Hrčak ID:

URI

Datum izdavanja: